CORS ERROR ALREADY ENABLED CORS ON API GATEWAY

API GATEWAY

The Amazon API Gateway is an AWS application built to build, upload, manage, track and protect REST, HTTP, and WebSocket APIs on any size. As well as data stored in the AWS Cloud, Application developers can build Applications that control AWS or other cloud resources. As a developer of API Gateway APIs, you can build APIs for use of your own client applications. Or you can make the APIs visible to the device of the developers from third parties.

Why we need an API Gateway?

When you set up your web server and expose it to the internet, you are putting your server at risk of hacked by anyone.

What is CORS?

But first, let’s establish a few definitions. What is CORS anyway? CORS stands for Cross-Origin Resource Sharing, and it’s a protocol that allows servers to receive requests from different domains. To understand why CORS is necessary, it first helps to understand why it would be a problem to make a request from one domain to another in the first place.

Cross-domain requests in JavaScript are restricted by the same-origin policy, which is a security standard enforced by the browser. It states that scripts loaded on one domain can only request resources that originate from the same domain. The purpose of the same-origin policy is to prevent attacks by malicious scripts.

When we talk about cross-origin requests, we’re usually talking about requests from one domain or subdomain to a different domain or subdomain. But different protocols (for example HTTP vs HTTPS) or different ports can also constitute different origins.

The same-origin policy mainly comes into play when using methods like fetch or XMLHttpRequest to make an AJAX request. If you’re running a script on domain-one.com that calls out to a resource that’s also located on domain-one.com, you’re in the clear. But what if the resource you need is located on domain-two.com? Unless domain-two.com has enabled CORS to give domain-one.com permission to access its resources, the request will be blocked.

When we run the script, we see the familiar CORS error, indicating that the request was blocked:

Steps were taken to resolve the cors error

Integration response

The internal interface in the API Gateway of a WebSocket API route or REST API process, where you map the status codes, headers, and payload obtained from the backend to the address format returned to a client device.

CORS HTTP response headers

The following headers are available to configure CORS access on your server:

https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#the_http_response_headers

Access-Control-Allow-Headers edited and make it to ‘*’

Then Deploy API

Click on Deploy

“Thank You”!

Thanks to all my readers and I hope I will come back with a more interesting topic.😎

--

--

--

DevOps engineer

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Our Favorite Summer ’21 Salesforce Features

Why D3 is So Hard To Learn from Bl.ocks

REACT NATIVE (VERSION-0.62)

Full Address Bar Spoofing On Opera Mini Android

How to avoid Z-INDEX war

How to use math formula on Medium posting

React Weekly Issue 31

How I Created My Blog with Gatsby, Contentful and Netlify

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Saket Jain

Saket Jain

DevOps engineer

More from Medium

Continuous Deployment of Nuxt on AWS with GitLab CI

EC2 Instance Storage : AMI Overview

AWS Development Environment setup — AWS Toolkit

Amazon API Gateway HTTP Errors